计算机与现代化Issue(12):40-44,5.DOI:10.3969/j.issn.1006-2475.2024.12.006
基于自编码器的网络流量异常检测
Anomaly Detection of Network Traffic Based on Autoencoder
摘要
Abstract
In the face of increasingly complex network traffic and data structures with increasing dimensions,the existing traffic anomaly detection schemes have problems such as high false positive rate,low efficiency and poor practicability.To solve these problems,an autoencoder based network traffic anomaly detection model is proposed.Firstly,the model extracts the features of network traffic based on random forest algorithm and selects the optimal collection,and divides the feature vector set into several subsets by hierarchical clustering algorithm to reduce the feature dimension.Then the feature subset is processed in parallel by the autoencoder and the RMSE value is calculated.The maximum average RMSE value of multiple experiments is defined as the normal flow threshold.The average RMSE value and threshold of the test data are used to determine the abnormal traffic.The ex-perimental results show that the recall rate of this model is 4.3 percentage points higher than that of the traditional anomaly detec-tion method,and the running time is reduced by about 37%.关键词
异常检测/自编码器/层次聚类/随机森林算法Key words
anomaly detection/autoencoder/hierarchical clustering/random forest algorithm分类
信息技术与安全科学引用本文复制引用
吕美静,年梅,张俊,付鲁森..基于自编码器的网络流量异常检测[J].计算机与现代化,2024,(12):40-44,5.基金项目
新疆维吾尔自治区自然科学基金资助项目(2023D01A46) (2023D01A46)
国家重点研发计划项目(E1182101) (E1182101)
